Are our most precious resources Safe with SCADA Software?

In humanity’s development, harvesting the resources we use today has been at the forefront of our industrial advances. We could only manufacture the technological luxuries we rely on today with the complex infrastructure processes and the various resources we use to survive. To make the cellular devices we are handicapped without in today’s business and personal day-to-day activities, we need many materials to build them. Copper, Tantalum, Neodymium, europium, and terbium are all mined and processed to create what we need to function in the 21st century. In an interview, Sherry Turkle, a Sociologist at MIT, stated, “Technology is transforming what it means to be human.” Furthermore, while I will not debate whether it is true, we have placed ourselves in a position where we cannot function without it.
In this age of intelligence, we utilize technology to manage our critical and manufacturing infrastructures with a technology called Supervisory control and data acquisition or SCADA.
SCADA is a control system that manages and controls infrastructure processes and functions. SCADA refers to the centralized systems that control and monitor the entire site or are the complex systems spread out over large areas. (www.scadasystems.net) This technology is critical in efficiently harvesting resources we need and managing processes such as wastewater treatment, potable water treatment, and power generation. Nevertheless, does SCADA come without risk? I say no because the human element must always be accounted for in any process. Whether it be a technical error by employees, operators, or deviance by a threat agent, we must take extra steps to minimize the risk of these issues.

The third generation of SCADA systems used in today’s infrastructure processing leaves our resources open to threat agent attacks on the system’s network and in person. “The Department of Energy, Cybersecurity and Infrastructure Security Agency, National Security Agency, and Federal Bureau of Investigation are warning that certain advanced persistent threat actors have shown the capability to gain full system access to multiple industrial control of system/supervisory control and data acquisition devices”. (Paul Ciampoli, April 18, 2022) With this generation’s SCADA being networked, it opens it up to attacks such as compromised developers implanting viruses, malware, spyware, and ransomware. We live in an age where Cybercrimes are at an all-time high, and the threat of threat agents holding networks ransom for payment has been a trend lately. Furthermore, what better to hold hostage than a critical infrastructure like a potable water plant? Also, with SCADA, some Information Technology officials may think SCADA systems are safer because they are not on the net. From everything I have read about SCADA, this notion is absurd.

On Corncom.net, Ira Winkler, a Certified Information Systems Security Professional, created a presentation on Hacking closed nets. Reading it showed me some alarming issues that SCADA has and will have in the future. There are many ways threat agents can still attack networks. Some of them are; “closed networks are Limited by creativity, many versions of the different scenarios, Networks are not really “closed, Access points uncontrolled, Diagnostic equipment, Insider abuse, and Compromise developers” (Ira Winkler 2018). Also, in Mr. Winkler’s presentation, he discusses uncontrolled access points in closed networks and how they are at risk. “Closed networks frequently have many Access Points, and Power grid has many points where diagnostic equipment can plug in” (Ira Winkler, 2018).
With all of the evidence found in research, in my limited research on SCADA, it could be more secure. Also, as a member of a new generation of Cyber Security specialists entering the field, we must be diligent in our research. We have engineer safety measures that can be implemented in closed networks. We must create new protection programs that can be manned at the Supervisory stations to alert the operators before the attacks. Moreover last but not least, create new creative closed networks so that threat agents cannot attack the systems in place and protect our resources so we can continue our prosperity in the industry with less threat to our protocols.

Works Cited
SECURITY AND RESILIENCE (CYBER AND PHYSICAL) Agencies Warn Of Cyber Threats

Against ICS/SCADA Devices, (Paul Ciampoli, April 18, 2022) (www.scadasystems.net)

SCADA Systems Involved in Many Breaches Suffered by US Ports, Terminals By (Eduard Kovacs October 5, 2022)
On Corncom.net, (Ira Winkler 2018).
www.scadasystems.net)